Warning: Road Runner DNS says nonexistent domains exist
wbe
landing service", and it's enabled for you by default.
This affects every program that relies on DNS lookups of non-existent
domain names getting a result of "Unknown host". Instead of "no such
host", Road Runner's DNS servers return the IP address of a Road Runner
web server for all non-existent (probably just second and third level)
domain names, making the domain look like it does exist.
[In my area, the address returned is 24.28.193.9 (ww23.rr.com). It may be
different in your area.]
The bad news: it's ENABLED by default (I certainly never enabled it).
The good news: it can be DISABLED easily, so that DNS lookups work the
way they were designed to work. Visit http://ww23.rr.com/ (or whatever
address you get when you look up a non-existent domain) and click the
"Opt In or Out of this Service" link at the bottom of the page.
Here's what you'll find:
------------------------------
These preferences allow you to opt in or out of the non-existing domain
landing service. At any point in time you can opt in or out of these
services using this page.
Web Address Error Redirect Service: This preference allows you to opt in
or out of Road Runner's non-existing domain landing service.
Current setting: Enabled
Enable
Disable
------------------------------
I followed their instructions and DNS lookups returned to normal quickly.
[Maybe the conversion of their DNS servers to do this is why they were
exceptionally slow/flaky a week or two ago?]
Just thought folks would want to know in case anyone else hadn't already
heard about it,
-WBE
Dutch
say:
> WARNING: Road Runner has what they call a "non-existing domain
> landing service", and it's enabled for you by default.
>
> This affects every program that relies on DNS lookups of non-existent
> domain names getting a result of "Unknown host". Instead of "no such
> host", Road Runner's DNS servers return the IP address of a Road Runner
> web server for all non-existent (probably just second and third level)
> domain names, making the domain look like it does exist.
[...]
> ------------------------------
>
> I followed their instructions and DNS lookups returned to normal quickly.
>
> [Maybe the conversion of their DNS servers to do this is why they were
> exceptionally slow/flaky a week or two ago?]
>
> Just thought folks would want to know in case anyone else hadn't already
> heard about it,
> -WBE
Another option is to change to a non-RR DNS, such as Level3's 4.2.2.1,
4.2.2.2, etc., or better yet, run your own local caching DNS, using
TreeWalk for Windows or Bind for Linux, for instance.
http://www.linux.com/base/ldp/howto/DNS-HOWTO-3.html
--
Dutch
PCLinuxOS 2007
Registered Linux User #391111
Chuckito
news:ydy788u...@UBEblock.psr.com:
Just noticed it yesterday and was wondering WTF? At first had me worried
that the old proxy-server days when RR first started out were back.
Easily disabled, just wish they would have told their customers about it
before implementing it.
Agent_C
wrote:
>Another option is to change to a non-RR DNS, such as Level3's 4.2.2.1,
>4.2.2.2, etc., or better yet, run your own local caching DNS, using
>TreeWalk for Windows or Bind for Linux, for instance.
Yeah, I'll be sure to let my 75 yo uncle know that, who can barely
launch AOL.
A_C
wbe
> Easily disabled, just wish they would have told their customers about it
> before implementing it.
Agreed!
-WBE
Dutch
Agent_C say:
I did say it was "another option", but apparently you're not gifted
enough to help him change his DNS settings, so it's obviously not
something you'd want him to try. My 80 plus year old seniors computer
class students manage it quite nicely though. And in Linux no less...
wbe
>> WARNING: Road Runner has what they call a "non-existing domain
>> landing service", and it's enabled for you by default.
>> Just thought folks would want to know in case anyone else hadn't already
>> heard about it,
Dutch <bur...@blackholespam.net> replied:
> Another option is to change to a non-RR DNS, such as Level3's 4.2.2.1,
> 4.2.2.2, etc.,
Yep.
> or better yet, run your own local caching DNS, using
> TreeWalk for Windows or Bind for Linux, for instance.
However, a local server that uses RR's DNS servers won't eliminate RR's
"landing service" replies for non-existent domains. One would still need
to either use a non-RR DNS server or disable the new feature.
Also, it would have helped if they had alerted (warned!) customers before
turning it on. :-/ These newsgroup articles should help do that.
-WBE
Agent_C
wrote:
>I did say it was "another option", but apparently you're not gifted
>enough to help him change his DNS settings[...]
Thanks, but I'm not so easily baited...
A_C
Dutch
Black Dragon say:
> Agent_C wrote:
>
>> On Mon, 24 Mar 2008 13:57:26 -0400, Dutch <bur...@blackholespam.net>
>> wrote:
>
>>>Another option is to change to a non-RR DNS, such as Level3's 4.2.2.1,
>>>4.2.2.2
>
> Is bad netiquette use another Internet providers DNS. Adds un-necessary
> traffic to their networks.
I used Level3 as one example, but they've made those servers available
to the public for a number of years now. If they wanted to restrict
them, it's simple enough to do so.
>> Yeah, I'll be sure to let my 75 yo uncle know that, who can barely
>> launch AOL.
>
> http://public-root.com
> http://inaic.com/index.php?p=tools-and-software
> http://inaic.com/index.php?p=internet2-tool
>
> I've been using the Public Root DNS for *years* without any trouble.
> RR's DNS has always sucked and it's obvious it is not getting any better.
Yep, those are some other available DNS options.
Dutch
say:
> I originally posted:
>>> WARNING: Road Runner has what they call a "non-existing domain
>>> landing service", and it's enabled for you by default.
> ...
>>> Just thought folks would want to know in case anyone else hadn't already
>>> heard about it,
>
> Dutch <bur...@blackholespam.net> replied:
>> Another option is to change to a non-RR DNS, such as Level3's 4.2.2.1,
>> 4.2.2.2, etc.,
>
> Yep.
>
>> or better yet, run your own local caching DNS, using
>> TreeWalk for Windows or Bind for Linux, for instance.
>
> However, a local server that uses RR's DNS servers won't eliminate RR's
> "landing service" replies for non-existent domains. One would still need
> to either use a non-RR DNS server or disable the new feature.
Using a local server like TreeWalk or Bind does not use RR's DNS at all,
but rather uses the same root servers that RR and everyone else running
DNS uses. I don't use any of RR's servers beyond the minimum needed for
account authentication and DHCP.
> Also, it would have helped if they had alerted (warned!) customers before
> turning it on. :-/ These newsgroup articles should help do that.
> -WBE
Yep, that I'll agree with...
Dutch
> Dutch wrote:
>
>> Using a local server like TreeWalk or Bind does not use RR's DNS at all,
>> but rather uses the same root servers that RR and everyone else running
>> DNS uses.
>
> In the default BIND config file, named.conf, it suggests if your upstream
> provider has DNS to use it as a forwarder to reduce overall traffic on
> the Internet.
>
> From (a working) named.conf on a BIND9 server:
>
> // If you've got a DNS server around at your upstream provider, enter
> // its IP address here, and enable the line below. This will make you
> // benefit from its cache, thus reduce overall DNS traffic in the Internet.
> /*
> forwarders {
> 127.0.0.1;
> };
> */
>
> I'd wager the number of people running BIND on their local networks who
> have forwarders configured far outnumbers those who don't.
>
> I agree with you and suggest not to, the local name server wouldn't be
> any better than the upstream server. Other than being able to benefit
> from the local cache, in RR's case, name resolution would be consistently
> inconsistent. Which is why I switched entirely to using the Public Root
> DNS.
I know what they suggest for BIND, but as you said, that doesn't fix the
problem in this case.
>>> Also, it would have helped if they had alerted (warned!) customers before
>>> turning it on. :-/ These newsgroup articles should help do that.
>>> -WBE
>
>> Yep, that I'll agree with...
>
> I agree a notice would have been nice too. But all in all it's not such
> a bad thing for most customers IMO.
As I see it, it's legal DNS poisoning... :-)
toad-on-a-stick
wrote:
Or you can do as I've done and use a custom DNS server configuration:
OpenDNS servers 208.67.220.220 208.67.222.222
I have them configured with one OpenDNS as the main and Roadrunner as
the secondary. Works great because when OpenDNS is down (happens
sometimes, I don't loose my network access as I have a backup.
NormanM
> On 24 Mar 2008 13:29:26 -0400, wbe @ubeblock.psr.com.invalid (Winston)
> wrote:
>> WARNING: Road Runner has what they call a "non-existing domain
>> landing service", and it's enabled for you by default.
<snip>
>>Just thought folks would want to know in case anyone else hadn't already
>>heard about it,
> Or you can do as I've done and use a custom DNS server configuration:
>
> OpenDNS servers 208.67.220.220 208.67.222.222
>
> I have them configured with one OpenDNS as the main and Roadrunner as
> the secondary. Works great because when OpenDNS is down (happens
> sometimes, I don't loose my network access as I have a backup.
You do know that OpenDNS also uses a "non-existent domain landing service",
don't you? It is enabled by default:
| C:\Documents and Settings\User>nslookup xyzzyizdisso.org 208.67.222.222
| Server: resolver1.opendns.com
| Address: 208.67.222.222
|
| Non-authoritative answer:
| Name: xyzzyizdisso.org.aosake.net
| Address: 208.67.219.132
You need to sign up an account with OpenDNS in order to change the default.
Or use a DNS server which pulls no such shenanigans:
| C:\Documents and Settings\User>nslookup xyzzyizdisso.org 4.2.2.1
| Server: vnsc-pri.sys.gtei.net
| Address: 4.2.2.1
|
| *** vnsc-pri.sys.gtei.net can't find xyzzyizdisso.org: Non-existent domain
For now, my ISP is staying away from such nonsense.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum